Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/ObMiDVtBIMwUTJFEpvY8n4GeaMU.roa
File:                     ObMiDVtBIMwUTJFEpvY8n4GeaMU.roa (raw, json)
Hash identifier:          rOQMOYBi5fyQm2Dpol/lM2JwY5WJEiwjrn1b+x8j4OE=
Subject key identifier:   39:B3:22:0D:5B:41:20:CC:14:4C:91:44:A6:F6:3C:9F:81:9E:68:C5
Certificate issuer:       /CN=fad7100e77ed9119d66e2321bb6711d7e760982b
Certificate serial:       443A83A1
Authority key identifier: FA:D7:10:0E:77:ED:91:19:D6:6E:23:21:BB:67:11:D7:E7:60:98:2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/ObMiDVtBIMwUTJFEpvY8n4GeaMU.roa
Signing time:             Sat 01 Jan 2022 09:54:49 +0000
ROA not before:           Sat 01 Jan 2022 09:54:49 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     6878
IP address blocks:        80.158.31.0/24 maxlen: 24
                          80.158.32.0/19 maxlen: 24
                          80.158.72.0/21 maxlen: 24
                          80.158.80.0/20 maxlen: 24
                          80.158.96.0/19 maxlen: 24
                          80.158.0.0/23 maxlen: 23
                          80.158.0.0/21 maxlen: 24
                          80.158.16.0/20 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1144685473 (0x443a83a1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fad7100e77ed9119d66e2321bb6711d7e760982b
        Validity
            Not Before: Jan  1 09:54:49 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=39b3220d5b4120cc144c9144a6f63c9f819e68c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:44:e8:b7:86:0a:e3:db:ff:10:0d:35:7f:96:
                    bc:a1:b7:be:a3:e8:7c:82:6e:9d:5c:a8:65:32:55:
                    b1:a7:f7:02:6f:f8:f7:30:78:67:37:90:dc:93:95:
                    67:2b:4d:ac:1c:ad:8b:84:29:c1:95:dc:0a:2e:68:
                    72:69:7f:96:d9:7d:ce:f9:a9:c3:f0:78:24:ff:ee:
                    84:f2:8c:a8:34:eb:e4:78:73:03:ce:42:e0:09:08:
                    d1:4c:2d:98:92:c2:a2:f1:c7:8d:6d:99:84:da:f8:
                    7d:37:1c:5f:44:23:8b:75:5b:48:01:7c:4d:64:cf:
                    2f:0d:8b:0c:17:84:fe:56:c4:ef:3e:6d:27:fa:fe:
                    b9:6e:72:0e:99:c6:c1:9d:b6:29:e7:16:5a:a5:60:
                    fa:2e:f1:9c:a7:ec:82:bb:b5:22:16:a1:66:81:ce:
                    65:9d:13:bd:e2:69:96:7a:07:fa:c9:8d:54:56:aa:
                    4c:f3:bc:de:7e:8e:42:b3:02:3d:f7:e9:fe:08:d7:
                    52:39:dd:ef:f7:0a:b3:6e:53:a5:d3:70:84:db:20:
                    b3:16:34:40:8b:a8:80:e6:ea:b3:ed:e3:e7:d9:fe:
                    cd:c1:48:07:5e:04:de:ef:9c:00:ed:fc:6f:bb:da:
                    ec:a6:a7:2e:41:d6:9a:ae:1d:d4:18:47:f9:53:2d:
                    85:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:B3:22:0D:5B:41:20:CC:14:4C:91:44:A6:F6:3C:9F:81:9E:68:C5
            X509v3 Authority Key Identifier:
                keyid:FA:D7:10:0E:77:ED:91:19:D6:6E:23:21:BB:67:11:D7:E7:60:98:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/ObMiDVtBIMwUTJFEpvY8n4GeaMU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.158.0.0/21
                  80.158.16.0-80.158.63.255
                  80.158.72.0-80.158.127.255

    Signature Algorithm: sha256WithRSAEncryption
         7e:c1:17:0b:79:10:5b:a6:7b:f5:9e:51:f0:c8:e1:1b:86:dc:
         99:80:3d:f9:4d:39:45:db:b1:3d:1c:44:de:6d:8a:51:b7:e5:
         78:8c:13:17:b1:87:ca:f6:66:3b:87:8b:8f:10:fb:26:fa:8a:
         b6:48:33:d0:b9:f7:a4:92:e5:0c:a3:c7:98:63:0d:b5:d6:cc:
         1a:f4:4a:27:3f:e6:4b:d7:8f:f9:e9:c1:5d:35:cc:5b:c2:a7:
         43:61:37:ee:7d:a2:f5:c8:25:c5:05:67:3a:9f:80:ca:ac:74:
         14:6f:af:87:ee:dc:96:ec:67:df:72:fe:04:11:97:29:33:5e:
         2c:56:f0:9f:d8:54:ca:a6:db:4b:ce:bd:ae:27:96:6b:88:35:
         a0:00:a5:b1:bf:22:f1:e8:35:09:61:df:45:b9:e3:82:35:1a:
         c8:03:4a:2b:ef:02:39:0b:f9:cb:e2:f1:9e:e9:66:b2:b8:86:
         91:6b:d5:0b:4c:32:9a:7f:cb:96:1f:ce:ea:9e:c5:e9:2c:08:
         8c:23:a8:4d:96:69:f8:17:cd:60:3b:72:77:8f:d1:c8:30:11:
         f2:90:d2:a2:4c:1d:2d:09:a0:a8:36:cb:45:a3:58:56:c6:2d:
         ed:6c:34:fb:35:ff:5c:ab:74:f8:7d:fe:f3:8d:67:54:0b:41:
         8c:b3:74:15
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIERDqDoTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YWQ3MTAwZTc3ZWQ5MTE5ZDY2ZTIzMjFiYjY3MTFkN2U3NjA5ODJiMB4XDTIyMDEw
MTA5NTQ0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzliMzIyMGQ1YjQx
MjBjYzE0NGM5MTQ0YTZmNjNjOWY4MTllNjhjNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKhE6LeGCuPb/xANNX+WvKG3vqPofIJunVyoZTJVsaf3Am/4
9zB4ZzeQ3JOVZytNrByti4QpwZXcCi5ocml/ltl9zvmpw/B4JP/uhPKMqDTr5Hhz
A85C4AkI0UwtmJLCovHHjW2ZhNr4fTccX0Qji3VbSAF8TWTPLw2LDBeE/lbE7z5t
J/r+uW5yDpnGwZ22KecWWqVg+i7xnKfsgru1IhahZoHOZZ0TveJplnoH+smNVFaq
TPO83n6OQrMCPffp/gjXUjnd7/cKs25TpdNwhNsgsxY0QIuogObqs+3j59n+zcFI
B14E3u+cAO38b7va7KanLkHWmq4d1BhH+VMthb8CAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBQ5syINW0EgzBRMkUSm9jyfgZ5oxTAfBgNVHSMEGDAWgBT61xAOd+2RGdZu
IyG7ZxHX52CYKzAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtdGNRRG5mdGtSbldiaU1odTJjUjEtZGdtQ3MuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzNlLzAxZDQxMS1kOTE1LTQyNzctOGZlMi03NmIwZGRhMmJmM2Uv
MS9PYk1pRFZ0QklNd1VUSkZFcHZZOG40R2VhTVUucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNl
LzAxZDQxMS1kOTE1LTQyNzctOGZlMi03NmIwZGRhMmJmM2UvMS8xLXRjUURuZnRr
Um5XYmlNaHUyY1IxLWRnbUNzLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQDUJ4AMAwDBARQnhADBAZQngAw
DAMEA1CeSAMEB1CeADANBgkqhkiG9w0BAQsFAAOCAQEAfsEXC3kQW6Z79Z5R8Mjh
G4bcmYA9+U05RduxPRxE3m2KUbfleIwTF7GHyvZmO4eLjxD7JvqKtkgz0Ln3pJLl
DKPHmGMNtdbMGvRKJz/mS9eP+enBXTXMW8KnQ2E37n2i9cglxQVnOp+Ayqx0FG+v
h+7cluxn33L+BBGXKTNeLFbwn9hUyqbbS869rieWa4g1oAClsb8i8eg1CWHfRbnj
gjUayANKK+8COQv5y+LxnulmsriGkWvVC0wymn/Llh/O6p7F6SwIjCOoTZZp+BfN
YDtyd4/RyDAR8pDSokwdLQmgqDbLRaNYVsYt7Ww0+zX/XKt0+H3+841nVAtBjLN0
FQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:26 2024 by rpki-client on console-ams.rpki-client.org